Hackers successfully exploited two of the vulnerabilities that Apple patched in its latest iOS 12.1.4 update.

Ben Hawkes, team leader at Google’s Project Zero security research group, revealed in a tweet that vulnerabilities identified as CVE-2019-7286 and CVE-2019-7287 in Apple’s iOS 12.1.4 security change log had been exploited in the wild as “zero day.”

A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting it.

At the moment, it’s unclear under what circumstances the vulnerabilities were used, but one exploit involved the iOS Foundation component and a memory corruption issue that could allow an app to gain “elevated privileges” on an iPhone 5s and later, iPad Air and later, or an iPod Touch 6th generation. The second vulnerability potentially allowed for kernel privileges and affected the same devices.

Continue Reading

Advertisement

Advertisement

Avoid A Cyber Standoff With Layer 7 Data Solutions

Imagine you get hit by a ransomware attack, or your servers, website, email, and e-commerce go down. With Layer 7 Data Solutions help, you can backup your virtual machines in as little as three clicks and quickly decide what you need to restore if you experience unexpected data loss—since all of your backup information is in a central dashboard. Contact us today (718) 749-9421 x1101 | Sales@Layer7Data.com